Similar Posts
Axonius — Tool Overview
What is Axonius? Axonius is a Cyber Asset Attack Surface Management (CAASM) platform that aggregates and correlates device and user data from across the organization’s existing security and IT tools. Rather than replacing existing tools, Axonius continuously normalizes, deduplicates, and enriches aggregated asset data to provide a complete and accurate picture of the entire technology…
Hard Drives
In the world of data storage, SSD and HDD are the two main technologies for storing your files. The difference primarily comes down to moving parts vs. flash memory. HDD (Hard Disk Drive) An HDD is the traditional storage technology. It uses physical, spinning magnetic platters and a moving “read/write head” to access data—much like…
VirusTotal — Tool Overview
What is VirusTotal? VirusTotal is a free, web-based threat intelligence service that aggregates results from over 70 antivirus engines, URL scanners, and security vendors to analyze suspicious files, hashes, URLs, IP addresses, and domains. It is widely used across the security community as a quick and reliable reference point during threat investigations. No account or…
The Triple Punch
Standard Endpoint Investigation Workflow Objective: To determine if a file is safe or malicious, find out who has it, and confirm if security controls (Antivirus) took action. Punch 1: The Inventory Hunt (Scope & Presence) Punch 2: The Reputation Check (Global Intel) Punch 3: The Log Audit (Security Action) Investigation Summary Checklist
Common Terms
Glossary of Security Terms and Definitions Objective: To standardize technical terminology within the Security Operations Center (SOC) and ensure accurate communication during endpoint investigations. 1. MD5 Hash (Message Digest Algorithm 5) A unique 32-character cryptographic string used to represent a file’s digital identity. It serves as a fixed-length “fingerprint” that remains constant regardless of file…
False Positive vs. True Positive
The distinction between a false positive and a true positive hinges on a single question: Did the tool or rule do what it was designed to do? True Positive A true positive occurs when a rule fires correctly, in accordance with its defined logic and conditions. The detection behaved exactly as intended based on how…